Sophos published a new maintenance release for the UTM:
- System will be rebooted
- Configuration will be upgraded
- Connected REDs will perform firmware upgrade
- Connected Wifi APs will perform firmware upgrade
Bugfixes:
NUTM-4079 [AWS] DNS Resolver too slow for ELBs
NUTM-3885 [Access & Identity] [RED] RED50 reconnecting every 30 minutes
NUTM-4502 [Access & Identity] [RED] reactivating RED management causes problem with provisioning server
NUTM-4749 [Access & Identity] [RED] interface default routes are not written
NUTM-4832 [Access & Identity] 9.404 SSL site-to-site VPN client is not compatibal with older UTM versions
NUTM-4870 [Access & Identity] STAS: Packetfilter rule is written too late when enabling the feature
NUTM-4875 [Access & Identity] 9.404 SSL site-to-site VPN doesn’t work with static IP setting
NUTM-4881 [Access & Identity] IPsec remote access xauth fails with “could not find cache entry”
NUTM-4918 [Access & Identity] HTML5 VPN: Portuguese (Brazil) keyboard doesn’t appear to support special characters
NUTM-4974 [Access & Identity] UTM unable to connect to support tunnel
NUTM-4981 [Access & Identity] [RED] RED management can’t be reactivated after a Backup / Restore
NUTM-4987 [Access & Identity] 9.404 SSL site-to-site VPN client compatibility to older openvpn versions
NUTM-5004 [Access & Identity] [RED] misleading peer status send
NUTM-4941 [Basesystem] NTP Vulnerability
NUTM-5132 [Basesystem] Disable weak ciphers for webadmin
NUTM-3180 [Confd] IP Address change was not applied properly to the interface
NUTM-4346 [Documentation] Enhance documentation regarding unencrypted SSO AD password in printable configuration
NUTM-3225 [Email] JSON error when accessing Data Loss Prevention Tab and SMTP Profiles
NUTM-3483 [Email] Missing/incomplete logging for sandstorm in SMTP proxy
NUTM-3505 [Email] MIME type blacklist can be bypassed if an another file is whitelisted
NUTM-3666 [Email] Mail log in user portal is case-sensitive
NUTM-3667 [Email] RAR and XLSX files causing Scanner timeout or deadlock – moving to error queue
NUTM-4331 [Email] Implement more error handling in QMGR for error cases
NUTM-4874 [Email] SMTP proxy can’t be disabled when upgrading from 9.31x
NUTM-5228 [Email] change LogLevel in httpd-spx-reply.conf to warn
NUTM-5355 [Email] Increase AV Scanner timeout to 60 seconds
NUTM-2768 [HA/Cluster] 36307: Postgres can’t be started on Slave / rsync error: error in socket IO (code 10) at clientserver.c(122) [receiver=3.0.4]
NUTM-4894 [Logging] Fallback log on slave node is filling up the partition
NUTM-1954 [Network] 35457: Amazon vpc gets imported but quagga doesnt start
NUTM-3092 [Network] snmp does not work: because 10G modules query of link status timeout if no GBIC is plugged
NUTM-3115 [Network] AFC misclassifying HTTPS connections as ‘OpenVPN’
NUTM-3157 [Network] [INFO-152] Network Monitor not running – restarted
NUTM-3229 [Network] IPv6 over transparent proxy
NUTM-3247 [Network] Spam Filter cannot query database servers from Slave if a block all AFC rule exists
NUTM-4037 [Network] Update kernel to 3.12.58
NUTM-4992 [Network] Unitymedia / KabelBW customer getting always the MTU 576
NUTM-4885 [Reporting] SSL VPN reporting shows no user with a “#” sign in the username
NUTM-4593 [Sandboxd] Constant error when inserting record into sandstorm transactionlog table
NUTM-5128 [Virtualization] Incorrect interface order on HyperV
NUTM-4868 [WAF] WAF service restart issue (segmentation fault in mod_avscan)
NUTM-5266 [WAF] Form auth default template login not possible with chrome and FF
NUTM-4916 [WebAdmin] User portal: add Windows 10 to list of supported OSs for SSL VPN
NUTM-2447 [Web] 36231: HTTP proxy policy matching with backend groups is sometimes not working
NUTM-4525 [Web] Handle ha zeroconf for sandbox_reportd
NUTM-4806 [Web] postgres[xxxxx]: [x-x] STATEMENT: INSERT INTO TransactionLog
NUTM-4877 [Web] segfault after installing ep-httpproxy-9.40-319.g32fa996.i686.rpm
NUTM-4127 [WiFi] MAC filter whitelist does not work after editing the MAC Address List
NUTM-4451 [WiFi] Mesh AP doesn’t connect after deleting the AP from webadmin
NUTM-4913 [WiFi] Hotspot voucher QR code pointing to IP address instead of configured host name
NUTM-5032 [WiFi] ‘STA WPA Failure’ messages not appearing in wireless log